Another renegotiation patch
Steve Dispensa
dispensa at phonefactor.com
Fri Jan 22 21:57:49 CET 2010
On 1/21/10 2:42 PM, "Nikos Mavrogiannopoulos" <nmav at gnutls.org> wrote:
> Steve Dispensa wrote:
>> Here is another patch that fixes an interoperability problem with safe
>> renegotiation and resumption. In copying forward the safe renegotiation
>> state across resumptions, I got a little carried away and copied too much
>> data (new connections should start with empty RI data).
>
> I was thinking about the safe renegotiation case. Currently with the
> defaults the client behavior is to drop the connection to servers that
> do not advertise safe renegotiation... This is quite an inconvenience.
> How do you think of instead of failing disabling renegotiation for this
> session?
The client can't tell when the attacker is renegotiating. If the client
doesn't want to, e.g., tweet his password in clear text, he has to drop the
connection.
The whole problem is that to the attacker and to one peer, it looks like a
renego, but to the other peer, it looks entirely normal.
-Steve
More information about the Gnutls-devel
mailing list